phpMyFAQ is a multi-language, fully database-driven FAQ system. An information disclosure vulnerability exists in phpMyFAQ versions prior to 3.2.2, which stems from the presence of sensitive cookies in an HTTPS session, and can be exploited by an attacker to obtain sensitive information.